Thanks for your review, Paul. After consultation with Jeff Hodges, we've decided to delete the language about defining additional fields. (This language was copied from RFC 8288 but we decided that it wasn't needed for the purposes of this specification.)
You can see proposed updated source for -06 at https://github.com/w3c/webauthn/pull/1415. Thanks again, -- Mike -----Original Message----- From: Paul Kyzivat <pkyzi...@alum.mit.edu> Sent: Monday, April 13, 2020 11:19 AM To: draft-hodges-webauthn-registries....@ietf.org Cc: General Area Review Team <gen-art@ietf.org> Subject: Gen-ART Last Call review of draft-hodges-webauthn-registries-05 I am the assigned Gen-ART reviewer for this draft. The General Area Review Team (Gen-ART) reviews all IETF documents being processed by the IESG for the IETF Chair. Please treat these comments just like any other last call comments. For more information, please see the FAQ at <https://trac.ietf.org/trac/gen/wiki/GenArtfaq>. Document: draft-hodges-webauthn-registries-05 Reviewer: Paul Kyzivat Review Date: 2020-04-13 IETF LC End Date: 2020-04-29 IESG Telechat date: ? Summary: This draft is on the right track but has open issues, described in the review. Issue: Additional registry fields defined by experts Section 2 specifies that experts are allowed to define additional fields to be collected in the registry. It isn't clear to me how this is intended to work, or could work. Some concerns that come to mind are: * Is this on a per-registration basis? Once a new field has been requested, must that field be retroactively added to all preexisting registrations and all future entries in the registry? * How will someone who is consulting the registry discover the meaning of the new fields? * Does IANA have procedures to handle this sort of modification to the registries? ISTM that the "Notes" field can already be used for extra format-specific data. Adding additional fields that apply to all entries would be better served by a formal revision to the registry. If you really want to preserve this ability for experts to add fields then you need to specify in great detail how this is to work, and verify with IANA that it is feasible. Otherwise the document seems ready to go. _______________________________________________ Gen-art mailing list Gen-art@ietf.org https://www.ietf.org/mailman/listinfo/gen-art
